package com.xxxx.springsecuritydemo.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

@Controller
public class LoginController {
    /*@RequestMapping(value = "/login", method = RequestMethod.POST)
    public String login() {
        System.out.print("登陆成功");
        return "redirect:main.html";
    }*/
    // 注解方式定义角色权限
//    @Secured("ROLE_abc")
    // 在类加载前判断权限的注解
    @PreAuthorize("hasRole('ROLE_abc')")
    @RequestMapping(value = "/toMain", method = RequestMethod.POST)
    public String toMain() {
        System.out.print("登陆成功");
        return "redirect:main.html";
    }

    @RequestMapping("toError")
    public String toError() {
        return "redirect:error.html";
    }

    @RequestMapping("/demo")
    public String demo(){
        return "demo";
    }

    @RequestMapping("/showLogin")
    public String showLogin(){
        return "login";
    }
}
